CRIS Current Research Information System

This study investigates the detection of vulnerabilities in smart contracts using various transformer models and Large Language Model (LLM) systems. We evaluated BERT, CodeBERT, DistilBERT, and the Gemini model, employing techniques such as aggregation of chunks to enhance performance. The results indicate that simple transformers applied to source code generally perform worse than when applied to byte-code. However, the use of aggregation techniques on the source code significantly improved the model performance. We also evaluate the use of meta-classifiers for multimodal data, by stacking multiple transformers working on source code and byte-code. The Random Forest meta-classifier achieved the highest performance but exhibited significant overfitting. The Gemini model demonstrates limited performance, highlighting the necessity of proper training for LLM systems.

Ferretti, S., D'Angelo, G., Ghini, V., Tomasone, M.b. (2025). Detecting Smart Contract Vulnerabilities using Transformers and LLMs. 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA : IEEE COMPUTER SOC [10.1109/PerComWorkshops65533.2025.00033].

Detecting Smart Contract Vulnerabilities using Transformers and LLMs

Ferretti, S;D'Angelo, G;Ghini, V;Tomasone, MB
2025

Abstract

This study investigates the detection of vulnerabilities in smart contracts using various transformer models and Large Language Model (LLM) systems. We evaluated BERT, CodeBERT, DistilBERT, and the Gemini model, employing techniques such as aggregation of chunks to enhance performance. The results indicate that simple transformers applied to source code generally perform worse than when applied to byte-code. However, the use of aggregation techniques on the source code significantly improved the model performance. We also evaluate the use of meta-classifiers for multimodal data, by stacking multiple transformers working on source code and byte-code. The Random Forest meta-classifier achieved the highest performance but exhibited significant overfitting. The Gemini model demonstrates limited performance, highlighting the necessity of proper training for LLM systems.
2025
IEEE Annual Conference on Pervasive Computing and Communications Workshops (PerCom)
7
12
Ferretti, S., D'Angelo, G., Ghini, V., Tomasone, M.b. (2025). Detecting Smart Contract Vulnerabilities using Transformers and LLMs. 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA : IEEE COMPUTER SOC [10.1109/PerComWorkshops65533.2025.00033].
Ferretti, S; D'Angelo, G; Ghini, V; Tomasone, Mb
4.01 Contributo in Atti di convegno
File in questo prodotto:
File Dimensione Formato  
_BRAIN_2025__Smart_Contracts_Vulnerability_Detection_with_Transformers.pdf

embargo fino al 18/12/2026

Descrizione: paper versione editoriale
Tipo: Postprint / Author's Accepted Manuscript (AAM) - versione accettata per la pubblicazione dopo la peer-review
Licenza: Licenza per accesso libero gratuito
Dimensione 171.67 kB
Formato Adobe PDF
  Visualizza/Apri   Contatta l'autore
171.67 kB Adobe PDF   Visualizza/Apri   Contatta l'autore

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/1027597
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? 0
social impact